This archive contains all of the 127 exploits added to Packet Storm in June, 2020.
5d20c1de390186928844ed4f321a3f305314f0caf79300d0b4b9b8383e4c8360openSIS versions 7.4 and below suffer from multiple remote SQL injection vulnerabilities.
400d9b74c5924b238ccb88c1968e13b4640183baf55f44521ab902c275f4c1d9openSIS versions 7.4 and below suffer from a local file inclusion vulnerability.
e7161d7a2b2b5f3b74f9ce9373cde1c623bb264344142c67862680b20c2bfee5openSIS versions 7.4 and below suffer from an access bypass vulnerability.
de18d17ff15947139e2907c1c51bf51af6d549555d04403c26002b9a0c85a3afThe Cellebrite UFED Physical device relies on key material hardcoded within both the executable code supporting the decryption process and within the encrypted files themselves by using a key enveloping technique. The recovered key material is the same for every device running the same version of the software and does not appear to be changed with each new build. It is possible to reconstruct the decryption process
8e1693c954c2b9222de10e46717620d6631dc916f4d2bd744336668d271dbc33This Metasploit module exploits an arbitrary file upload vulnerability together with a directory traversal flaw in ATutor versions 2.2.4, 2.2.2 and 2.2.1 in order to execute arbitrary commands.
344a78946baa67ebb531073dad88904763b7f86e0bf52c4f8197e8fc0c0f179dReside Property Management version 3.0 suffers from a remote SQL injection vulnerability.
9183471e0151039ba3174dafcc1f9f66cf8d3aaf7e9711e8a2864d85c83bfad6Victor CMS version 1.0 suffers from a user_firstname persistent cross site scripting vulnerability.
fe4085a15f1f89fb9cf4a3bc61df5a3e0c9705d49ea0ae170ae336a03292b04fThis Metasploit module exploits multiple vulnerabilities in Bolt CMS version 3.7.0 and 3.6.x in order to execute arbitrary commands as the user running Bolt. Valid credentials for a Bolt CMS user are required. This module has been successfully tested against Bolt CMS 3.7.0 running on CentOS 7.
9f2d762b1d8e6bcbc5f7e02bde9b6d95028ec1015c112f2165e2847c2855320dNetPCLinker version 1.0.0.0 SEH with egghunter shellcode buffer overflow exploit.
faf335f38b0cfa1532855053ad2d12d2861d1f997d3c34bf6c71855e835b30feWindscribe version 1.83 suffers from an unquoted service path vulnerability.
3a69097c69131501de9a2d82ddd6f5a72a10ad74914c97973bbec4417c602330OpenEMR version 5.0.1 suffers from a remote code execution vulnerability.
30c2dce13c4d30c1351faa3934ffc815807ae3f57ed30e9c09176e6fe07bef30KiteService version 1.2020.618.0 suffers from an unquoted service path vulnerability.
9f1969c9c40c04b042621ad8bb3cb88b82b11330fa83a1668a4726b74582010cFire Web Server Pre-Alpha version suffers from a denial of service vulnerability.
e57467b419ce3fa77ec60d1ede7a8ea90d39c83b42464e2cde3fa519c3fe4149This Metasploit module exploits a Java deserialization vulnerability in the Inductive Automation Ignition SCADA product, versions 8.0.0 to (and including) 8.0.7. This exploit was tested on versions 8.0.0 and 8.0.7 on both Linux and Windows. The default configuration is exploitable by an unauthenticated attacker, which can achieve remote code execution as SYSTEM on a Windows installation and root on Linux. The vulnerability was discovered and exploited at Pwn2Own Miami 2020 by the Flashback team (Pedro Ribeiro + Radek Domanski).
9d49478c9a416ef64a062b712cd22c68e5b37e2e0f0dbc80fc3655a1c2e3d686iOS and macOS suffered from a wifi proximity kernel double-free vulnerability in AWDL BSS Steering.
185ed329e279974bff794995bb28d911a3d0487fe537cf5e9f91c71beea77fb6This Metasploit module exploits a cross site request forgery vulnerability in Online Student Enrollment System version 1.0 to perform a shell upload.
b6366584b46649d37ada0b665f649825e40650ad568620f751b7363d7e66995eFHEM version 6.0 suffers from a local file inclusion vulnerability.
5160e3d33cbb28402cdd7c05ddca7fa56063505199fb9e026f19326dc0072f10This is a proof of concept exploit that takes advantage of a privilege escalation vulnerability in the Windows Print Spooler.
10cd5282101291a6752965e7e18cbc4e13658d0643547dbb3204e8fd764b8c3aASUS Aura Sync version 1.07.71 ene.sys privilege escalation kernel exploit.
e7ab712703b5aec8283763947cace886385e933263c2aec57c840e86c46387e6The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to version 4.8.02042 is vulnerable to path traversal and allows local attackers to create/overwrite files in arbitrary locations with system level privileges. The attack consists in sending a specially crafted IPC request to the TCP port 62522 on the loopback device, which is exposed by the Cisco AnyConnect Secure Mobility Agent service. This service will then launch the vulnerable installer component (vpndownloader), which copies itself to an arbitrary location before being executed with system privileges. Since vpndownloader is also vulnerable to DLL hijacking, a specially crafted DLL (dbghelp.dll) is created at the same location vpndownloader will be copied to get code execution with system privileges. This exploit has been successfully tested against Cisco AnyConnect Secure Mobility Client versions 4.5.04029, 4.5.05030 and 4.7.04056 on Windows 10 version 1909 (x64) and Windows 7 SP1 (x86).
b6d44c2b494378ff342fef57be9d4be4564327103eadabb01ff166ae6dae9bffThis document describes a stack overflow vulnerability that was found in October, 2019 and presented in the Pwn2Own Mobile 2019 competition in November 2019. The vulnerability is present in the UPNP daemon (/usr/sbin/upnpd), running on NETGEAR R6700v3 router with firmware versions V1.0.4.82_10.0.57 and V1.0.4.84_10.0.58. It allows for an unauthenticated reset of the root password and then spawns a telnetd to remotely access the account.
3ccd57c2afc9c37bec7729262aa2b172845c46c639bdb363b6009f40ca166d05BSA Radar version 1.6.7234.24750 suffers from a persistent cross site scripting vulnerability.
0a6d9ae3213d039a6276115d9acee975c7246ffd2f7f8ad53860f3603aea7410Responsive Online Blog version 1.0 suffers from a remote SQL injection vulnerability.
1401161ce6b0a7ed5fc9ef91c952923a4dc82b83bf04cc7581ae973569e01601Online Student Enrollment System version 1.0 suffers from a cross site request forgery vulnerability.
d93c93e52377bb4e710a9481fc7f622850eaf45ecf8e07c5dcfc655bf7d9016f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed